Create the necessary directory structure as shown at the configuration directory page.
Populate the
${USERTREE}/run-image/service/
subdirectory with at least the following
service directories:
Populate the
${USERTREE}/src/*/
subdirectories with
source directories.
In practice, it makes sense to start a user supervision tree in one of the two following ways:
In this case, the s6-svscan process of the user supervision tree is a service of the system supervision tree that dropped privileges.
For this create a
source directory
at src/usertree/@USER@-@USERTREE@-init
in the system configuration directory.
Whats is special here, is the empty file
at src/usertree/@USER@-@USERTREE@-init/no-ml
prohibiting automatic logger creation,
since the user supervision tree brings its own logger.
src/usertree/@USER@-@USERTREE@-init ├── dependencies.d │ ├── mount # empty/arbitrary │ └── @USER@-tmpfs # empty/arbitrary ├── no-ml # empty/arbitrary ├── run # see below └── type # longrun
run script:
#!/bin/execlineb -P fdmove -c 2 1 s6-setuidgid @USER@ export USER @USER@ export USERTREE @USERTREE@ export BUNDLE @BUNDLE@ # optional user-init
Additionally a user writable tmpfs to hold the
user runtime directory
needs to be prepared.
This is done through a @USER@-tmpfs
service:
src/usertree/@USER@-tmpfs ├── up # see below └── type # oneshot
up script:
#!/bin/execlineb -P fdmove -c 2 1 export USER @USER@ user-tmpfs
Replace @USER@
with the user account the supervision tree is for
and @USERTREE@
with a usertree this user has actually prepared
a config for.
These system services can now be started either on boot, or once the user logs in. Following are a couple of ideas to get a feel for what user supervision trees can be used for.
On a server:
minecraft
and having a dedicated, unprivileged admin
for those.
On a desktop machine:
The system service that initiates the user supervision tree could of course be started anytime later after boot. A practical use of this would be:
Technically, the user-init program can be initiated from anywhere. The script to start user supervision trees in this case is the same:
#!/bin/execlineb -P export USER @USER@ export USERTREE@USERTREE@ export BUNDLE @BUNDLE@ # optional user-init
Some useful points to initiate a user supervision tree from are:
As explained on the supervision tree page, any user can have any amount of supervison trees. There are situations where it can be useful to nest user supervison trees, that is, start one user supervision tree from another user supervison tree.
An example would be a
user interface
based on
X.Org
or
Wayland.
Here, components like wallpapers and
notifications are often provided as daemons separate
from the compositor.
They do, however, need some information from the compositor,
which is ususally passed by environment variables,
e.g. DISPLAY and WAYLAND_DISPLAY.
These environment variables need to somehow find there way to the daemon.
One way to achieve this is starting another user supervision tree
from the compositor. This is illustrated below:
As an example, say the user logs in which causes a compositor to be started
as user service to a user supervision tree USERTREE=login.
The corresponding wallpaper daemon can not really be a
service of the same user supervision tree, since
the compositor service has no elegant way to update the environment
of the wallpaper daemon in this way.
Instead one can start a an additional user supervision tree
USERTREE=compositor,
from inside the compositor.
This user supervision tree naturally inherits the environment
variables from the compositor and can start
wallpaper daemons, notification daemons, statusbar daemons etc.